Blind Server-Side Request Forgery (SSRF) Vulnerability in Splunk Enterprise

Blind Server-Side Request Forgery (SSRF) Vulnerability in Splunk Enterprise

CVE-2023-22936 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within the environment.

Learn more about our Cis Benchmark Audit For Server Software.